Shulou(Shulou.com)06/03 Report--

To add and manage users, the following three files must be understood.

/ etc/passwd

The following figure is part of / etc/passwd

The structure and composition are clear at a glance; one account line, each line consists of seven fields separated by commas, which represent:

Login name: password: UID:GID: user details: home directory: SHELL

Where:

Login: that is, user name. It can contain any character except colons and newline characters, but generally no more than 32 characters (login length is limited to 8 characters when using NIS); it is case-sensitive.

For individual users, what kind of name you choose is up to you, and your territory is up to you!

But for system administrators, naming is no longer so simple and casual! They all have a reasonable naming scheme! Why is that? If you think about it, how many accounts does he have to manage as a professional system administrator? If there is no reasonable naming mechanism, the consequences can be imagined. Of course, this is only a very simple reason!

Password: / etc/passwd stores passwords in encrypted form, so all we see is X! Encrypted passwords are stored in / etc/shadow

See that long list of messy things after root? it corresponds to the X in / etc.passwd.

The value of this field is usually set by passwd. When we create a new user, should we run this passwd command to set the password? Of course, you can also manually edit / etc/passwd to create a new user, so to be safe, add an asterisk or X to the password field.

UID: no interpretation, 32-bit unsigned integers. The user whose UID is 0 is root, of course, you can also set the UID of other users to 0, if you do so, you have to take it easy!

Some other users are also defined in the system, such as deamon with UID 1 and bin,UID 2, and so on, which are used to accomplish some specific tasks.

For the UID of the average user of the system, it is recommended to start at 500.

In your environment, make sure that UID is unique

GID: similar to UID, don't tremble! Its content is provided by / etc/group

User details: user's personal information, such as full name, phone number, office room number, etc.; there is no fixed format and is usually separated by commas.

Home directory: the directory to be entered by the SHELL specified by the user after logging in.

If the user's home directory cannot be found when logging in, the system will have relevant information such as no home directory or no home directory.

Setting DEFAULT_HOME in / etc/login.defs to NO disables login for users who do not have a home directory; otherwise, login is allowed and the root directory is used.

Login SHELL: specifies that the SHELL;bash used by the user after login is the default SHELL.

If this field is left empty, it will default to BASH.

Users can use the chsh command to change the SHELL they use

About the chsh command:

Option

-s,-- shell: change your login shell.

-l,-- list-shells: list the shell recorded in / etc/shells.

-u,-- help

-v,-- version

Example:

# SHELL should use an absolute path!

/ etc/shadow:

The figure below is as follows

Each user has one line, and each line consists of nine fields separated by eight commas:

Login name: encrypted password: the last time the password was modified: the minimum interval between two password changes: the maximum interval between two password changes: how many days in advance warn the user that the password is about to expire: disable the account after the password expires: account expiration date: reserved field, currently empty

The absolute date specified in / etc/shadow is the number of days from 1970 to 1-the current number of days. Only the first two fields are required to be not empty!

Where:

1. The login is the same as the login in / etc/passwd. It associates the passwd used with the records in shadow.

2. Same password in / etc/passwd

3. The time when the user last modified the password, usually filled in by the passwd command

4. Everything else is obvious, don't say, hehe

/ etc/group:

The figure below is as follows

Each line represents a group, consisting of four fields separated by three commas

Corresponding to the group name: password: GID number: group member

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.